CVE-2023-32832

Published Nov 6, 2023

Last updated a year ago

CVSS high 7.0

Overview

Description: In video, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08235273; Issue ID: ALPS08235273.
Source: security@mediatek.com
NVD status: Modified

Risk scores

CVSS 3.1

Type: Primary
Base score: 7
Impact score: 5.9
Exploitability score: 1
Vector string: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

Weaknesses

nvd@nist.gov: CWE-787

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"
          },
          {
            "criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"
          }
        ],
        "operator": "OR"
      },
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:h:mediatek:mt6883:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "15E2EC3F-9FB3-488B-B1C1-2793A416C755"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6885:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "DD64413C-C774-4C4F-9551-89E1AA9469EE"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6889:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "3B787DC3-8E5A-4968-B20B-37B6257FAAE2"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6893:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "213B5C7F-D965-4312-9CDF-4F06FA77D401"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6895:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "E0CA45C9-7BFE-4C93-B2AF-B86501F763AB"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6983:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EB6B9A26-F8A1-4322-AA4E-CDF8F7D99000"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt6985:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "EA72CCD1-DEA2-48EB-8781-04CFDD41AAEE"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt8797:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "2B469BF4-5961-42E9-814B-1BE06D182E45"
          },
          {
            "criteria": "cpe:2.3:h:mediatek:mt8798:-:*:*:*:*:*:*:*",
            "vulnerable": false,
            "matchCriteriaId": "637CAAD2-DCC0-4F81-B781-5D0536844CA8"
          }
        ],
        "operator": "OR"
      }
    ],
    "operator": "AND"
  }
]

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References