7.5 HIGH
- CVSS version (CVSS): 3.1
- Attack Vector (AV): Adjacent (A)
- Attack Complexity (AC): High (H)
- Privileges Required (PR): None (N)
- User Interaction (UI): None (N)
- Scope (S): Unchanged (U)
- Confidentiality (C): High (H)
- Integrity (I): High (H)
- Availability (A): High (H)
- Modified Attack Vector (MAV): Adjacent (A)
- Modified Attack Complexity (MAC): High (H)
- Modified Privileges Required (MPR): None (N)
- Modified User Interaction (MUI): None (N)
- Modified Confidentiality (MC): High (H)
- Modified Scope (MS): Unchanged (U)
- Modified Integrity (MI): High (H)
- Modified Availability (MA): High (H)
Activity log
- Created & dismissed (no matching packages found) suggestion
In Modem, there is a possible memory corruption due to …
In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01402160; Issue ID: MSV-7298.
Affected products
- ==MT8673
- ==MT6986
- ==MT8793
- ==MT6783
- ==MT8893
- ==MT8788
- ==MT6763
- ==MT8766R
- ==MT6771
- ==MT6881
- ==MT6895
- ==MT6769
- ==MT6982
- ==MT8873
- ==MT6858
- ==MT6878
- ==MT6993
- ==MT6761
- ==MT8676
- ==MT6789
- ==MT8781
- ==MT8765
- ==MT2716
- ==MT8796
- ==MT6765
- ==MT6985
- ==MT6813
- ==MT6988
- ==MT6989
- ==MT8667
- ==MT8775
- ==MT8883
- ==MT8668
- ==MT6983
- ==MT8768
- ==MT8789
- ==MT6899
- ==MT6781
- ==MT6762
- ==MT2737
- ==MT8795T
- ==MT6986D
- ==MT6785
- ==MT6879
- ==MT6980
- ==MT6990
- ==MT8786
- ==MT8788E
- ==MT6886
- ==MT8798
- ==MT6897
- ==MT6767
- ==MT6991
- ==MT8678
- ==MT8792
- ==MT6779
- ==MT6896
- ==MT8755
- ==MT8666
- ==MT8766
- ==MT6768
- ==MT6739
- ==MT6835
- ==MT8863