Vulnerability Description
In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linuxfoundation | Yocto | 3.1 |
| Mediatek | Iot Yocto | 23.0 |
| Android | 11.0 | |
| Linux | Linux Kernel | 4.19 |
| Mediatek | Mt5221 | - |
| Mediatek | Mt6781 | - |
| Mediatek | Mt6833 | - |
| Mediatek | Mt6853 | - |
| Mediatek | Mt6853T | - |
| Mediatek | Mt6855 | - |
| Mediatek | Mt6873 | - |
| Mediatek | Mt6875 | - |
| Mediatek | Mt6877 | - |
| Mediatek | Mt6879 | - |
| Mediatek | Mt6883 | - |
| Mediatek | Mt6885 | - |
| Mediatek | Mt6886 | - |
| Mediatek | Mt6889 | - |
| Mediatek | Mt6891 | - |
| Mediatek | Mt6893 | - |
Related Weaknesses (CWE)
References
- https://corp.mediatek.com/product-security-bulletin/October-2023Vendor Advisory
- https://corp.mediatek.com/product-security-bulletin/October-2023Vendor Advisory
FAQ
What is CVE-2023-32820?
CVE-2023-32820 is a vulnerability with a CVSS score of 7.5 (HIGH). In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is...
How severe is CVE-2023-32820?
CVE-2023-32820 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-32820?
Check the references section above for vendor advisories and patch information. Affected products include: Linuxfoundation Yocto, Mediatek Iot Yocto, Google Android, Linux Linux Kernel, Mediatek Mt5221.