CVE-2021-32484

Published Sep 9, 2021

Last updated 3 years ago

CVSS high 7.5

Overview

Description: In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964917.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7.5
Impact score: 3.6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-787

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mediatek:mt6739:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "7FA8A390-9F52-4CF3-9B45-936CE3E2B828"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6761:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F726F486-A86F-4215-AD93-7A07A071844A"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6762:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "C445EB80-6021-4E26-B74E-1B4B6910CE48"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6762d:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "160C2DDD-6CA5-4E4F-B885-C8AAA7D1D942"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6762m:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "0002C537-4268-43CA-B349-BC14F1F0313C"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6763:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2F19C76A-50DF-4ACA-BACA-07157B4D838B"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6765:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "43E779F6-F0A0-4153-9A1D-B715C3A2F80E"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6765t:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "AE80B083-D5A3-418C-9655-C79C9DECB4C5"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6767:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3367BA13-9C4D-4CCF-8E71-397F33CFF773"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6768:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "06CD97E1-8A76-48B4-9780-9698EF5A960F"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6769:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "D23991D5-1893-49F4-8A06-D5E66C96C3B3"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6769t:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "B43D63CF-FF77-41D8-BA4B-F8BDF88830BA"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6769z:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BA1BE913-70AE-49FE-99E9-E996165DF79D"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "BE4D2AED-C713-407F-A34A-52C3D8F65835"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6779:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EBA369B8-8E23-492B-82CC-23114E6A5D1C"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6783:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "F2C8F9C2-6471-4498-B089-2F40D2483487"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6785:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "A82E0A4F-072F-474C-B94C-8114ABE05639"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6785t:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E208C7B7-7BF6-4E56-B61C-0198B08DC8B3"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:mediatek:modem:lr12a:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A5DAF266-BF28-4EE5-9150-3D5BA62B1898"
          },
          {
            "criteria": "cpe:2.3:o:mediatek:modem:lr13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "163865B3-3CC3-48F1-BFBB-D3B9517B56EB"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References