Iot Yocto
CVE-2023-20812
MEDIUM
Severity by source
AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944987; Issue ID: ALPS07944987.
AnalysisAI
In wlan driver, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Out-of-bounds Write (CWE-787), which allows attackers to write data beyond allocated buffer boundaries leading to code execution or crashes. In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944987; Issue ID: ALPS07944987. Affected products include: Mediatek Iot Yocto, Google Android.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Validate write boundaries, use memory-safe languages, enable compiler protections (ASLR, stack canaries).
In wlan driver, there is a possible out of bounds write due to improper input validation. Rated critical severity (CVSS
In wlan firmware, there is a possible firmware assertion due to improper input handling. Rated high severity (CVSS 7.5),
In apusys, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vu
In vpu, there is a possible out of bounds write due to an integer overflow. Rated medium severity (CVSS 6.7), this vulne
In connectivity system driver, there is a possible out of bounds write due to improper input validation. Rated medium se
In wlan driver, there is a possible out of bounds write due to improper input validation. Rated medium severity (CVSS 6.
In vcu, there is a possible out of bounds write due to improper locking. Rated medium severity (CVSS 6.7), this vulnerab
In vcu, there is a possible out of bounds write due to improper locking. Rated medium severity (CVSS 6.7), this vulnerab
In vcu, there is a possible use after free due to a logic error. Rated medium severity (CVSS 6.7), this vulnerability is
In vcu, there is a possible out of bounds write due to improper locking. Rated medium severity (CVSS 6.7), this vulnerab
In vcu, there is a possible memory corruption due to a logic error. Rated medium severity (CVSS 6.7), this vulnerability
In vcu, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vu
Same weakness CWE-787 – Out-of-bounds Write
View allSame technique Memory Corruption
View allShare
External POC / Exploit Code
Leaving vuln.today