CVE-2023-20784
Description
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826989; Issue ID: ALPS07826989.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Out-of-bounds write in keyinstall on MediaTek chipsets allows local escalation of privilege with System privileges.
Vulnerability
In the keyinstall component of MediaTek chipsets, an out-of-bounds write vulnerability exists due to a missing bounds check. This flaw is present in the code handling key installation operations. The vulnerability affects MediaTek chipsets as listed in the August 2023 Product Security Bulletin [1]. System execution privileges are required to reach the vulnerable code path. No user interaction is needed for exploitation.
Exploitation
An attacker with System execution privileges can trigger the out-of-bounds write by providing crafted input to the keyinstall function. The missing bounds check allows writing data beyond the allocated buffer. The attack does not require any user interaction, making it exploitable in automated scenarios.
Impact
Successful exploitation leads to local escalation of privilege. The attacker can corrupt memory or overwrite critical data structures, potentially gaining elevated privileges beyond the initial System level. This could result in full compromise of the device's security mechanisms.
Mitigation
MediaTek has released a patch identified as ALPS07826989 to address this vulnerability. The fix is included in the August 2023 Product Security Bulletin [1]. Device OEMs have been notified and are expected to deploy the update. No workarounds are available; applying the patch is the recommended mitigation.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- MediaTek, Inc./MT6580, MT6731, MT6735, MT6737, MT6739, MT6753, MT6757, MT6757C, MT6757CD, MT6757CH, MT6761, MT6762, MT6763, MT6765, MT6768, MT6769, MT6771, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6853T, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6891, MT6893, MT6895, MT6983, MT6985, MT8185, MT8321, MT8385, MT8666, MT8673, MT8675, MT8765, MT8766, MT8768, MT8781, MT8786, MT8788, MT8789, MT8791, MT8791T, MT8797v5Range: Android 11.0, 12.0, 13.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.