CVE-2023-20788 - Vulnerability Details

Vendors	Products
Google	Android
Mediatek	Mt6739 Mt6761 Mt6765 Mt6768 Mt6771 Mt6779 Mt6781 Mt6785 Mt6833 Mt6853 Mt6873 Mt6877 Mt6883 Mt8167 Mt8167s Mt8168 Mt8321 Mt8362a Mt8365

Link	Providers
https://corp.mediatek.com/product-security-bulletin/August-2023

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-20788", "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "state": "PUBLISHED", "assignerShortName": "MediaTek", "dateReserved": "2022-10-28T02:03:10.777Z", "datePublished": "2023-08-07T03:21:16.827Z", "dateUpdated": "2024-10-21T15:04:40.199Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek", "dateUpdated": "2023-08-07T03:21:16.827Z"}, "descriptions": [{"lang": "en", "value": "In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648734; Issue ID: ALPS07648735."}], "affected": [{"vendor": "MediaTek, Inc.", "product": "MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6883, MT8167, MT8167S, MT8168, MT8321, MT8362A, MT8365", "versions": [{"version": "Android 12.0", "status": "affected"}]}], "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "Elevation of Privilege"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:14:40.981Z"}, "title": "CVE Program Container", "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/August-2023", "tags": ["x_transferred"]}]}, {"affected": [{"vendor": "mediatek", "product": "mt6739", "cpes": ["cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt6761", "cpes": ["cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt6765", "cpes": ["cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt6768", "cpes": ["cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt6771", "cpes": ["cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt6779", "cpes": ["cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt6781", "cpes": ["cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt6785", "cpes": ["cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt6833", "cpes": ["cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt6853", "cpes": ["cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt6873", "cpes": ["cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt6877", "cpes": ["cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt6883", "cpes": ["cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt8167", "cpes": ["cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt8167s", "cpes": ["cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt8168", "cpes": ["cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt8321", "cpes": ["cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt8362a", "cpes": ["cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}, {"vendor": "mediatek", "product": "mt8365", "cpes": ["cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "Android 12.0", "status": "affected"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-21T14:56:43.176203Z", "id": "CVE-2023-20788", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-21T15:04:40.199Z"}}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2023-20788 (string)

assignerOrgId : ee979b05-11f8-4f25-a7e0-a1fa9c190374 (string)

state : PUBLISHED (string)

assignerShortName : MediaTek (string)

dateReserved : 2022-10-28T02:03:10.777Z (string)

datePublished : 2023-08-07T03:21:16.827Z (string)

dateUpdated : 2024-10-21T15:04:40.199Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : ee979b05-11f8-4f25-a7e0-a1fa9c190374 (string)

shortName : MediaTek (string)

dateUpdated : 2023-08-07T03:21:16.827Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648734; Issue ID: ALPS07648735. (string)

}

]

affected : [ »

0 : { »

vendor : MediaTek, Inc. (string)

product : MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6883, MT8167, MT8167S, MT8168, MT8321, MT8362A, MT8365 (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

]

references : [ »

0 : { »

url : https://corp.mediatek.com/product-security-bulletin/August-2023 (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

type : text (string)

lang : en (string)

description : Elevation of Privilege (string)

}

]

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T09:14:40.981Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://corp.mediatek.com/product-security-bulletin/August-2023 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

1 : { »

affected : [ »

0 : { »

vendor : mediatek (string)

product : mt6739 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

1 : { »

vendor : mediatek (string)

product : mt6761 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

2 : { »

vendor : mediatek (string)

product : mt6765 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

3 : { »

vendor : mediatek (string)

product : mt6768 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

4 : { »

vendor : mediatek (string)

product : mt6771 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

5 : { »

vendor : mediatek (string)

product : mt6779 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

6 : { »

vendor : mediatek (string)

product : mt6781 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

7 : { »

vendor : mediatek (string)

product : mt6785 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

8 : { »

vendor : mediatek (string)

product : mt6833 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

9 : { »

vendor : mediatek (string)

product : mt6853 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

10 : { »

vendor : mediatek (string)

product : mt6873 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

11 : { »

vendor : mediatek (string)

product : mt6877 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

12 : { »

vendor : mediatek (string)

product : mt6883 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

13 : { »

vendor : mediatek (string)

product : mt8167 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

14 : { »

vendor : mediatek (string)

product : mt8167s (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

15 : { »

vendor : mediatek (string)

product : mt8168 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

16 : { »

vendor : mediatek (string)

product : mt8321 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

17 : { »

vendor : mediatek (string)

product : mt8362a (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

18 : { »

vendor : mediatek (string)

product : mt8365 (string)

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:* (string)

]

defaultStatus : unknown (string)

versions : [ »

0 : { »

version : Android 12.0 (string)

status : affected (string)

}

]

}

]

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

timestamp : 2024-10-21T14:56:43.176203Z (string)

id : CVE-2023-20788 (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : total (string)

}

]

role : CISA Coordinator (string)

version : 2.0.3 (string)

}

]

title : CISA ADP Vulnrichment (string)

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-10-21T15:04:40.199Z (string)

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/August-2023", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T09:14:40.981Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-20788", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-10-21T14:56:43.176203Z"}}}], "affected": [{"cpes": ["cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6739", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6761", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6765", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6768", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6771", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6779", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6781", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6785", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6833", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6853", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6873", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6877", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt6883", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt8167", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt8167s", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt8168", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt8321", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt8362a", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*"], "vendor": "mediatek", "product": "mt8365", "versions": [{"status": "affected", "version": "Android 12.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-21T15:04:16.322Z"}}], "cna": {"affected": [{"vendor": "MediaTek, Inc.", "product": "MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6883, MT8167, MT8167S, MT8168, MT8321, MT8362A, MT8365", "versions": [{"status": "affected", "version": "Android 12.0"}]}], "references": [{"url": "https://corp.mediatek.com/product-security-bulletin/August-2023"}], "descriptions": [{"lang": "en", "value": "In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648734; Issue ID: ALPS07648735."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "Elevation of Privilege"}]}], "providerMetadata": {"orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "shortName": "MediaTek", "dateUpdated": "2023-08-07T03:21:16.827Z"}}}, "cveMetadata": {"cveId": "CVE-2023-20788", "state": "PUBLISHED", "dateUpdated": "2024-10-21T15:04:40.199Z", "dateReserved": "2022-10-28T02:03:10.777Z", "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374", "datePublished": "2023-08-07T03:21:16.827Z", "assignerShortName": "MediaTek"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://corp.mediatek.com/product-security-bulletin/August-2023 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T09:14:40.981Z (string)

}

1 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2023-20788 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : total (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-10-21T14:56:43.176203Z (string)

}

]

affected : [ »

0 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6739 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

1 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6761 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

2 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6765 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

3 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6768 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

4 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6771 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

5 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6779 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

6 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6781 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

7 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6785 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

8 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6833 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

9 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6853 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

10 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6873 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

11 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6877 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

12 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt6883 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

13 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt8167 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

14 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt8167s (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

15 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt8168 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

16 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt8321 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

17 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt8362a (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

18 : { »

cpes : [ »

0 : cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:* (string)

]

vendor : mediatek (string)

product : mt8365 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

defaultStatus : unknown (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-10-21T15:04:16.322Z (string)

}

]

cna : { »

affected : [ »

0 : { »

vendor : MediaTek, Inc. (string)

product : MT6739, MT6761, MT6765, MT6768, MT6771, MT6779, MT6781, MT6785, MT6833, MT6853, MT6873, MT6877, MT6883, MT8167, MT8167S, MT8168, MT8321, MT8362A, MT8365 (string)

versions : [ »

0 : { »

status : affected (string)

version : Android 12.0 (string)

}

]

}

]

references : [ »

0 : { »

url : https://corp.mediatek.com/product-security-bulletin/August-2023 (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648734; Issue ID: ALPS07648735. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

lang : en (string)

type : text (string)

description : Elevation of Privilege (string)

}

]

}

]

providerMetadata : { »

orgId : ee979b05-11f8-4f25-a7e0-a1fa9c190374 (string)

shortName : MediaTek (string)

dateUpdated : 2023-08-07T03:21:16.827Z (string)

}

cveMetadata : { »

cveId : CVE-2023-20788 (string)

state : PUBLISHED (string)

dateUpdated : 2024-10-21T15:04:40.199Z (string)

dateReserved : 2022-10-28T02:03:10.777Z (string)

assignerOrgId : ee979b05-11f8-4f25-a7e0-a1fa9c190374 (string)

datePublished : 2023-08-07T03:21:16.827Z (string)

assignerShortName : MediaTek (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*", "matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*", "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*", "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*", "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*", "matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*", "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:*", "matchCriteriaId": "C4EEE021-6B2A-47A0-AC6B-55525A40D718", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*", "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:*", "matchCriteriaId": "9814939B-F05E-4870-90C0-7C0F6BAAEB39", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:*", "matchCriteriaId": "366F1912-756B-443E-9962-224937DD7DFB", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:*", "matchCriteriaId": "F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:*", "matchCriteriaId": "7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*", "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:*", "matchCriteriaId": "3B5FE245-6346-4078-A3D0-E5F79BB636B8", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:*", "matchCriteriaId": "639C5BDE-2E83-427A-BAB7-85EA9348AC68", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:*", "matchCriteriaId": "3CE2FC35-716A-4706-97BA-5DB165041580", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:*", "matchCriteriaId": "793B7F88-79E7-4031-8AD0-35C9BFD073C4", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:*", "matchCriteriaId": "2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11", "vulnerable": false}, {"criteria": "cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:*", "matchCriteriaId": "97C76F98-5D8D-4E52-ABAF-CD27C1205B0E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648734; Issue ID: ALPS07648735."}], "id": "CVE-2023-20788", "lastModified": "2024-11-21T07:41:31.803", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.5, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-08-07T04:15:13.123", "references": [{"source": "security@mediatek.com", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/August-2023"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://corp.mediatek.com/product-security-bulletin/August-2023"}], "sourceIdentifier": "security@mediatek.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-367"}, {"lang": "en", "value": "CWE-416"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:* (string)

matchCriteriaId : F8FB8EE9-FC56-4D5E-AE55-A5967634740C (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7FA8A390-9F52-4CF3-9B45-936CE3E2B828 (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F726F486-A86F-4215-AD93-7A07A071844A (string)

vulnerable : false (boolean)

}

2 : { »

criteria : cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 43E779F6-F0A0-4153-9A1D-B715C3A2F80E (string)

vulnerable : false (boolean)

}

3 : { »

criteria : cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 06CD97E1-8A76-48B4-9780-9698EF5A960F (string)

vulnerable : false (boolean)

}

4 : { »

criteria : cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:* (string)

matchCriteriaId : BE4D2AED-C713-407F-A34A-52C3D8F65835 (string)

vulnerable : false (boolean)

}

5 : { »

criteria : cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:* (string)

matchCriteriaId : EBA369B8-8E23-492B-82CC-23114E6A5D1C (string)

vulnerable : false (boolean)

}

6 : { »

criteria : cpe:2.3:h:mediatek:mt6781:-:*:*:*:*:*:*:* (string)

matchCriteriaId : C4EEE021-6B2A-47A0-AC6B-55525A40D718 (string)

vulnerable : false (boolean)

}

7 : { »

criteria : cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:* (string)

matchCriteriaId : A82E0A4F-072F-474C-B94C-8114ABE05639 (string)

vulnerable : false (boolean)

}

8 : { »

criteria : cpe:2.3:h:mediatek:mt6833:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 9814939B-F05E-4870-90C0-7C0F6BAAEB39 (string)

vulnerable : false (boolean)

}

9 : { »

criteria : cpe:2.3:h:mediatek:mt6853:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 366F1912-756B-443E-9962-224937DD7DFB (string)

vulnerable : false (boolean)

}

10 : { »

criteria : cpe:2.3:h:mediatek:mt6873:-:*:*:*:*:*:*:* (string)

matchCriteriaId : F6B8A36E-C5FB-44AE-A1C3-50EBF4C68F6B (string)

vulnerable : false (boolean)

}

11 : { »

criteria : cpe:2.3:h:mediatek:mt6877:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 7CA9352F-E9BD-4656-9B7C-4AFEE2C78E58 (string)

vulnerable : false (boolean)

}

12 : { »

criteria : cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 15E2EC3F-9FB3-488B-B1C1-2793A416C755 (string)

vulnerable : false (boolean)

}

13 : { »

criteria : cpe:2.3:h:mediatek:mt8167:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 3B5FE245-6346-4078-A3D0-E5F79BB636B8 (string)

vulnerable : false (boolean)

}

14 : { »

criteria : cpe:2.3:h:mediatek:mt8167s:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 639C5BDE-2E83-427A-BAB7-85EA9348AC68 (string)

vulnerable : false (boolean)

}

15 : { »

criteria : cpe:2.3:h:mediatek:mt8168:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 3CE2FC35-716A-4706-97BA-5DB165041580 (string)

vulnerable : false (boolean)

}

16 : { »

criteria : cpe:2.3:h:mediatek:mt8321:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 793B7F88-79E7-4031-8AD0-35C9BFD073C4 (string)

vulnerable : false (boolean)

}

17 : { »

criteria : cpe:2.3:h:mediatek:mt8362a:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 2F16F2B9-D89D-4AB2-B768-CB3B22AEFE11 (string)

vulnerable : false (boolean)

}

18 : { »

criteria : cpe:2.3:h:mediatek:mt8365:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 97C76F98-5D8D-4E52-ABAF-CD27C1205B0E (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : In thermal, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648734; Issue ID: ALPS07648735. (string)

}

]

id : CVE-2023-20788 (string)

lastModified : 2024-11-21T07:41:31.803 (string)

metrics : { »

cvssMetricV31 : [ »

0 : { »

cvssData : { »

attackComplexity : HIGH (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 6.4 (number)

baseSeverity : MEDIUM (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : HIGH (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.1 (string)

}

exploitabilityScore : 0.5 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2023-08-07T04:15:13.123 (string)

references : [ »

0 : { »

source : security@mediatek.com (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://corp.mediatek.com/product-security-bulletin/August-2023 (string)

}

1 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Vendor Advisory (string)

]

url : https://corp.mediatek.com/product-security-bulletin/August-2023 (string)

}

]

sourceIdentifier : security@mediatek.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-367 (string)

}

1 : { »

lang : en (string)

value : CWE-416 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object