CVE-2023-20708
Description
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581655; Issue ID: ALPS07581655.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A missing bounds check in keyinstall on MediaTek chipsets allows local out-of-bounds read, leading to escalation of privilege.
Vulnerability
In keyinstall on certain MediaTek chipsets, an out-of-bounds read vulnerability exists due to a missing bounds check. This could be triggered by a local attacker with system execution privileges. Affected chipsets include MT2731, MT2735, MT2737, MT6580, MT6739, MT6761, MT6762, MT6765, MT6767, MT6768, MT6769, MT6771, MT6779, MT6781, MT6783, MT6785, MT6789, MT6833, MT6853, MT6855, MT6873, MT6877, MT6879, MT6880, and others. The issue is identified by ALPS07581655 and is listed in the May 2023 MediaTek Product Security Bulletin [1].
Exploitation
The attacker must have system execution privileges on the device. No user interaction is needed for exploitation. The precise sequence of steps is not disclosed, but an out-of-bounds read can be triggered by supplying crafted input to the keyinstall component that is not properly validated.
Impact
Successful exploitation could lead to local escalation of privilege. The attacker could potentially read sensitive data from memory outside the intended bounds, which may include keys or other protected information, leading to further compromise of the system.
Mitigation
MediaTek has released a patch, identified as ALPS07581655. Device OEMs were notified at least two months before the May 2023 bulletin publication [1]. Users should apply security updates from their device manufacturer as soon as they become available.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- MediaTek, Inc./MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6889, MT6891, MT6893, MT6895, MT6983, MT8185, MT8321, MT8385, MT8666, MT8667, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797v5Range: Android 11.0, 12.0, 13.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.