VYPR

preloader

by Mediatek

CVEs (13)

  • CVE-2023-20725MedJun 6, 2023
    risk 0.44cvss 6.7epss 0.00

    In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734004 / ALPS07874358 (For MT6880,…

  • CVE-2023-20696MedMay 15, 2023
    risk 0.44cvss 6.7epss 0.00

    In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07856356 / ALPS07874388 (For MT6880 and…

  • CVE-2023-20695MedMay 15, 2023
    risk 0.44cvss 6.7epss 0.00

    In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734012 / ALPS07874363 (For MT6880,…

  • CVE-2023-20694MedMay 15, 2023
    risk 0.44cvss 6.7epss 0.00

    In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07733998 / ALPS07874388 (For MT6880 and…

  • CVE-2022-20055MedMar 10, 2022
    risk 0.44cvss 6.8epss 0.00

    In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for…

  • CVE-2022-26468MedSep 6, 2022
    risk 0.43cvss 6.6epss 0.00

    In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for…

  • CVE-2022-20074MedApr 11, 2022
    risk 0.43cvss 6.6epss 0.00

    In preloader (partition), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed…

  • CVE-2022-20073MedApr 11, 2022
    risk 0.43cvss 6.6epss 0.00

    In preloader (usb), there is a possible out of bounds write due to a integer underflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for…

  • CVE-2022-20069MedApr 11, 2022
    risk 0.43cvss 6.6epss 0.00

    In preloader (usb), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for…

  • CVE-2022-20060MedMar 10, 2022
    risk 0.43cvss 6.6epss 0.00

    In preloader (usb), there is a possible permission bypass due to a missing proper image authentication. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is…

  • CVE-2022-20059MedMar 10, 2022
    risk 0.43cvss 6.6epss 0.00

    In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for…

  • CVE-2022-20058MedMar 10, 2022
    risk 0.43cvss 6.6epss 0.00

    In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for…

  • CVE-2022-20056MedMar 10, 2022
    risk 0.43cvss 6.6epss 0.00

    In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for…