First published: Thu Sep 09 2021(Updated: )
In modem 2G RRM, there is a possible system crash due to a heap buffer overflow. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00500621; Issue ID: ALPS04964926.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mediatek Modem | =lr12a | |
Mediatek Modem | =lr13 | |
Mediatek Mt6739 | ||
Mediatek Mt6761 | ||
Mediatek Mt6762 | ||
Google Android | ||
Mediatek Mt6762m | ||
Mediatek Mt6763 | ||
Mediatek Mt6765 | ||
Google Android | ||
Mediatek Mt6767 | ||
Mediatek Mt6768 | ||
Mediatek Mt6769 | ||
Google Android | ||
Google Android | ||
Mediatek Mt6771 | ||
Mediatek Mt6779 | ||
Mediatek Mt6783 | ||
Mediatek Mt6785 | ||
Google Android |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2021-32485 is a vulnerability in modem 2G RRM that could lead to a system crash due to a heap buffer overflow, resulting in a remote denial of service attack.
The severity of CVE-2021-32485 is high, with a CVSS base score of 7.5.
CVE-2021-32485 can be exploited remotely without requiring any user interaction.
The affected software includes modem 2G RRM versions lr12a and lr13 by Mediatek.
Yes, a patch for CVE-2021-32485 is available with the Patch ID: MOLY00500621.