CVE-2023-20680: Input Validation
First published: Thu Apr 06 2023(Updated: )
In adsp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664785; Issue ID: ALPS07664785.
Credit: security@mediatek.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Google Android | =11.0 | |
| Google Android | =12.0 | |
| Google Android | =13.0 | |
| Mediatek Mt6779 | ||
| Mediatek Mt6781 | ||
| Mediatek Mt6785 | ||
| Mediatek Mt6833 | ||
| Mediatek Mt6853 | ||
| Mediatek Mt6873 | ||
| Mediatek Mt6877 | ||
| Mediatek Mt6879 | ||
| Mediatek Mt6885 | ||
| Mediatek Mt6893 | ||
| Mediatek Mt6895 | ||
| Mediatek Mt6983 | ||
| Mediatek Mt8365 | ||
| Mediatek Mt8695 | ||
| Mediatek Mt8771 | ||
| Mediatek Mt8781 | ||
| Mediatek Mt8791 | ||
| Mediatek Mt8791t | ||
| Mediatek Mt8795t | ||
| Mediatek Mt8797 | ||
| Mediatek Mt8798 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this adsp vulnerability?
The vulnerability ID for this adsp vulnerability is CVE-2023-20680.
What is the severity of CVE-2023-20680?
The severity of CVE-2023-20680 is medium.
How can this vulnerability in adsp be exploited?
This vulnerability in adsp can be exploited without user interaction.
What is the required privilege level for exploitation of CVE-2023-20680 in adsp?
The required privilege level for exploitation of CVE-2023-20680 in adsp is System execution.
How can I patch CVE-2023-20680 in adsp?
You can patch CVE-2023-20680 in adsp by applying the provided Patch ID: ALPS07664785.
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/google
- canonical/google android
- version/google android/11.0
- version/google android/12.0
- version/google android/13.0
- vendor/mediatek
- canonical/mediatek mt6779
- canonical/mediatek mt6781
- canonical/mediatek mt6785
- canonical/mediatek mt6833
- canonical/mediatek mt6853
- canonical/mediatek mt6873
- canonical/mediatek mt6877
- canonical/mediatek mt6879
- canonical/mediatek mt6885
- canonical/mediatek mt6893
- canonical/mediatek mt6895
- canonical/mediatek mt6983
- canonical/mediatek mt8365
- canonical/mediatek mt8695
- canonical/mediatek mt8771
- canonical/mediatek mt8781
- canonical/mediatek mt8791
- canonical/mediatek mt8791t
- canonical/mediatek mt8795t
- canonical/mediatek mt8797
- canonical/mediatek mt8798