← Back

Mediatek

mediatek

258 CVEs • 582 products

Products (582)

Click to collapse
Toggle
Software Development Kit
software_development_kit
71 CVEs
Nr15
nr15
65 CVEs
Nr16
nr16
57 CVEs
Nr17
nr17
48 CVEs
Mt7615 Firmware
mt7615_firmware
38 CVEs
Mt7622 Firmware
mt7622_firmware
37 CVEs
Mt7915 Firmware
mt7915_firmware
37 CVEs
Mt7613 Firmware
mt7613_firmware
36 CVEs
Mt7628 Firmware
mt7628_firmware
36 CVEs
Mt7629 Firmware
mt7629_firmware
36 CVEs
Iot Yocto
iot_yocto
24 CVEs
Nr17r
nr17r
20 CVEs
Mt7603e Firmware
mt7603e_firmware
20 CVEs
Mt7612 Firmware
mt7612_firmware
18 CVEs
Mt7620 Firmware
mt7620_firmware
18 CVEs
Lr12a
lr12a
17 CVEs
Mt7610 Firmware
mt7610_firmware
17 CVEs
Mt7916 Firmware
mt7916_firmware
17 CVEs
Mt7986 Firmware
mt7986_firmware
17 CVEs
Mt7603 Firmware
mt7603_firmware
16 CVEs
Lr13
lr13
15 CVEs
Mt6899 Firmware
mt6899_firmware
12 CVEs
Mt6991 Firmware
mt6991_firmware
12 CVEs
Mt6989 Firmware
mt6989_firmware
11 CVEs
Mt8791t Firmware
mt8791t_firmware
11 CVEs
Mt8793 Firmware
mt8793_firmware
11 CVEs
Mt6877 Firmware
mt6877_firmware
10 CVEs
Mt6897 Firmware
mt6897_firmware
10 CVEs
Nbiot Sdk
nbiot_sdk
9 CVEs
Mt7981 Firmware
mt7981_firmware
9 CVEs
Mt6835 Firmware
mt6835_firmware
9 CVEs
Mt6878 Firmware
mt6878_firmware
9 CVEs
Mt6985 Firmware
mt6985_firmware
9 CVEs
Mt8981 Firmware
mt8981_firmware
8 CVEs
Mt7902 Firmware
mt7902_firmware
8 CVEs
Mt7921 Firmware
mt7921_firmware
8 CVEs
Mt8788 Firmware
mt8788_firmware
8 CVEs
Mt6789 Firmware
mt6789_firmware
8 CVEs
Mt6853 Firmware
mt6853_firmware
8 CVEs
Mt6855 Firmware
mt6855_firmware
8 CVEs
Mt6879 Firmware
mt6879_firmware
8 CVEs
Mt6883 Firmware
mt6883_firmware
8 CVEs
Mt6885 Firmware
mt6885_firmware
8 CVEs
Mt6886 Firmware
mt6886_firmware
8 CVEs
Mt6889 Firmware
mt6889_firmware
8 CVEs
Mt6893 Firmware
mt6893_firmware
8 CVEs
Mt6895 Firmware
mt6895_firmware
8 CVEs
Mt6983 Firmware
mt6983_firmware
8 CVEs
Mt8673 Firmware
mt8673_firmware
8 CVEs
Mt8781 Firmware
mt8781_firmware
8 CVEs
Mt8797 Firmware
mt8797_firmware
8 CVEs
Mt8798 Firmware
mt8798_firmware
8 CVEs
Mt6768 Firmware
mt6768_firmware
7 CVEs
Mt8676 Firmware
mt8676_firmware
7 CVEs
Mt8678 Firmware
mt8678_firmware
7 CVEs
Mt8766 Firmware
mt8766_firmware
7 CVEs
Mt8768 Firmware
mt8768_firmware
7 CVEs
Mt8786 Firmware
mt8786_firmware
7 CVEs
Mt8775 Firmware
mt8775_firmware
7 CVEs
Mt8792 Firmware
mt8792_firmware
7 CVEs
Mt8365 Firmware
mt8365_firmware
6 CVEs
En7580 Firmware
en7580_firmware
6 CVEs
En7528 Firmware
en7528_firmware
6 CVEs
Mt6765 Firmware
mt6765_firmware
6 CVEs
Mt6781 Firmware
mt6781_firmware
6 CVEs
Mt6813 Firmware
mt6813_firmware
6 CVEs
Mt6890 Firmware
mt6890_firmware
6 CVEs
Mt8863 Firmware
mt8863_firmware
6 CVEs
Mt6993 Firmware
mt6993_firmware
6 CVEs
Mt8873 Firmware
mt8873_firmware
6 CVEs
Mt8883 Firmware
mt8883_firmware
6 CVEs
Mt8893 Firmware
mt8893_firmware
6 CVEs
Mt8910 Firmware
mt8910_firmware
6 CVEs
Mt8518s Firmware
mt8518s_firmware
5 CVEs
Mt8532 Firmware
mt8532_firmware
5 CVEs
Mt2735 Firmware
mt2735_firmware
5 CVEs
Mt2737 Firmware
mt2737_firmware
5 CVEs
Mt6739 Firmware
mt6739_firmware
5 CVEs
Mt6761 Firmware
mt6761_firmware
5 CVEs
Mt6833 Firmware
mt6833_firmware
5 CVEs
Mt6873 Firmware
mt6873_firmware
5 CVEs
Mt6875 Firmware
mt6875_firmware
5 CVEs
Mt6880 Firmware
mt6880_firmware
5 CVEs
Mt6891 Firmware
mt6891_firmware
5 CVEs
Mt6896 Firmware
mt6896_firmware
5 CVEs
Mt6980 Firmware
mt6980_firmware
5 CVEs
Mt6990 Firmware
mt6990_firmware
5 CVEs
Mt8675 Firmware
mt8675_firmware
5 CVEs
Mt8771 Firmware
mt8771_firmware
5 CVEs
Mt8668 Firmware
mt8668_firmware
5 CVEs
Mt8755 Firmware
mt8755_firmware
5 CVEs
Modem
modem
4 CVEs
Lr11
lr11
4 CVEs
Lr12
lr12
4 CVEs
Mt5221 Firmware
mt5221_firmware
4 CVEs
Mt7668 Firmware
mt7668_firmware
4 CVEs
Mt8167s Firmware
mt8167s_firmware
4 CVEs
Mt8175 Firmware
mt8175_firmware
4 CVEs
Mt8362a Firmware
mt8362a_firmware
4 CVEs
Mt8385 Firmware
mt8385_firmware
4 CVEs

CVEs (258)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-20017
2Mediatek
Openwrt
2Openwrt
Software Development Kit
May 5, 2025
Mar 4, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for explo...Show more
In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation Patch ID: WCNCR00350938; Issue ID: MSV-1132.Show less
CVE-2024-20004
1Mediatek
1Nr15
Nov 21, 2024
Feb 5, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
In Modem NL1, there is a possible system crash due to an improper input validation. This could lead to remote denial of service, if NW sent invalid NR RRC Connection Setup message, with no additional execution privileges...Show more
In Modem NL1, there is a possible system crash due to an improper input validation. This could lead to remote denial of service, if NW sent invalid NR RRC Connection Setup message, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01191612; Issue ID: MOLY01195812 (MSV-985).Show less
CVE-2024-20003
1Mediatek
1Nr15
Nov 21, 2024
Feb 5, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
In Modem NL1, there is a possible system crash due to an improper input validation. This could lead to remote denial of service, if NW sent invalid NR RRC Connection Setup message, with no additional execution privileges...Show more
In Modem NL1, there is a possible system crash due to an improper input validation. This could lead to remote denial of service, if NW sent invalid NR RRC Connection Setup message, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01191612; Issue ID: MOLY01191612 (MSV-981).Show less
CVE-2023-32891
2Google
Mediatek
5Android
Lr13Nr15+2 more
Jun 18, 2025
Jan 2, 2024
N/A· v4
6.7 MEDIUM· v3
N/A· v2
In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for...Show more
In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559.Show less
CVE-2023-32890
1Mediatek
4Lr13
Nr15Nr16+1 more
Nov 21, 2024
Jan 2, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...Show more
In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963).Show less
CVE-2023-32888
1Mediatek
3Nr15
Nr16Nr17
May 16, 2025
Jan 2, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for...Show more
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894).Show less
CVE-2023-32887
1Mediatek
3Nr15
Nr16Nr17
Jun 16, 2025
Jan 2, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitat...Show more
In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892).Show less
CVE-2023-32886
1Mediatek
3Nr15
Nr16Nr17
Jun 3, 2025
Jan 2, 2024
N/A· v4
7.5 HIGH· v3
N/A· v2
In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for e...Show more
In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807.Show less
CVE-2023-32874
1Mediatek
4Lr13
Nr15Nr16+1 more
Apr 17, 2025
Jan 2, 2024
N/A· v4
9.8 CRITICAL· v3
N/A· v2
In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for explo...Show more
In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 (MSV-893).Show less
CVE-2023-32831
1Mediatek
1Software Development Kit
Jun 18, 2025
Jan 2, 2024
N/A· v4
5.5 MEDIUM· v3
N/A· v2
In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This could lead to local information disclosure with no execution privileges needed. User interaction is not needed for exploitati...Show more
In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This could lead to local information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00325055; Issue ID: MSV-868.Show less
CVE-2023-32846
1Mediatek
3Nr15
Nr16Nr17
Nov 21, 2024
Dec 4, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User intera...Show more
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).Show less
CVE-2023-32845
1Mediatek
3Nr15
Nr16Nr17
Nov 21, 2024
Dec 4, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User intera...Show more
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).Show less
CVE-2023-32844
1Mediatek
3Nr15
Nr16Nr17
Nov 21, 2024
Dec 4, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User intera...Show more
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).Show less
CVE-2023-32843
1Mediatek
3Nr15
Nr16Nr17
May 29, 2025
Dec 4, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User intera...Show more
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).Show less
CVE-2023-32842
1Mediatek
3Nr15
Nr16Nr17
Nov 21, 2024
Dec 4, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User intera...Show more
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).Show less
CVE-2023-32841
1Mediatek
3Nr15
Nr16Nr17
Nov 21, 2024
Dec 4, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User intera...Show more
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).Show less
CVE-2023-32840
1Mediatek
4Lr12a
Nr15Nr16+1 more
Nov 21, 2024
Nov 6, 2023
N/A· v4
6.5 MEDIUM· v3
N/A· v2
In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for expl...Show more
In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 (MSV-862).Show less
CVE-2023-20702
1Mediatek
3Nr15
Nr16Nr17
Nov 21, 2024
Nov 6, 2023
N/A· v4
7.5 HIGH· v3
N/A· v2
In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution privileges needed. Use...Show more
In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00921261; Issue ID: MOLY01128895.Show less
CVE-2023-32829
3Google
LinuxfoundationMediatek
3Android
Iot YoctoYocto
Nov 21, 2024
Oct 2, 2023
N/A· v4
6.7 MEDIUM· v3
N/A· v2
In apusys, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Pa...Show more
In apusys, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07713478; Issue ID: ALPS07713478.Show less
CVE-2023-32828
2Google
Mediatek
2Android
Iot Yocto
Nov 21, 2024
Oct 2, 2023
N/A· v4
6.7 MEDIUM· v3
N/A· v2
In vpu, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch...Show more
In vpu, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767817; Issue ID: ALPS07767817.Show less