Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-20702


In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00921261; Issue ID: MOLY01128895.


Published

2023-11-06T04:15:07.653

Last Modified

2024-11-21T07:41:22.977

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses
  • Type: Primary
    NVD-CWE-Other

Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System mediatek nr15 - Yes
Operating System mediatek nr16 - Yes
Operating System mediatek nr17 - Yes
Hardware mediatek mt6835 - No
Hardware mediatek mt6873 - No
Hardware mediatek mt6875 - No
Hardware mediatek mt6879 - No
Hardware mediatek mt6883 - No
Hardware mediatek mt6885 - No
Hardware mediatek mt6886 - No
Hardware mediatek mt6889 - No
Hardware mediatek mt6895 - No
Hardware mediatek mt6980 - No
Hardware mediatek mt6983 - No
Hardware mediatek mt6985 - No
Hardware mediatek mt6990 - No
Hardware mediatek mt8673 - No
Hardware mediatek mt8675 - No
Hardware mediatek mt8791 - No
Hardware mediatek mt8791t - No
Hardware mediatek mt8797 - No
Hardware mediatek mt8798 - No

References