CVE-2023-20750: Race Condition
First published: Tue Jun 06 2023(Updated: )
In swpm, there is a possible out of bounds write due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780926; Issue ID: ALPS07780928.
Credit: security@mediatek.com security@mediatek.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Android | =13.0 | |
| Any of | ||
| MediaTek MT6835 | ||
| MediaTek MT6886 | ||
| MediaTek MT6983 | ||
| MediaTek MT6985T | ||
| Mediatek MT8167 | ||
| MediaTek MT8167S Firmware | ||
| MediaTek MT8168 | ||
| MediaTek MT8175 Firmware | ||
| MediaTek MT8195Z | ||
| MediaTek MT8321 | ||
| MediaTek MT8362A Firmware | ||
| MediaTek MT8365 Firmware | ||
| MediaTek MT8385 Firmware | ||
| MediaTek MT8673 | ||
| MediaTek MT8765 | ||
| MediaTek MT8766Z | ||
| MediaTek MT8768 | ||
| MediaTek MT8781 WiFi | ||
| mediatek mt8786 | ||
| MediaTek MT8788 Firmware | ||
| MediaTek MT8791T | ||
| MediaTek MT8797 | ||
| Android | =13.0 | |
| MediaTek MT6835 | ||
| MediaTek MT6886 | ||
| MediaTek MT6983 | ||
| MediaTek MT6985T | ||
| Mediatek MT8167 | ||
| MediaTek MT8167S Firmware | ||
| MediaTek MT8168 | ||
| MediaTek MT8175 Firmware | ||
| MediaTek MT8195Z | ||
| MediaTek MT8321 | ||
| MediaTek MT8362A Firmware | ||
| MediaTek MT8365 Firmware | ||
| MediaTek MT8385 Firmware | ||
| MediaTek MT8673 | ||
| MediaTek MT8765 | ||
| MediaTek MT8766Z | ||
| MediaTek MT8768 | ||
| MediaTek MT8781 WiFi | ||
| mediatek mt8786 | ||
| MediaTek MT8788 Firmware | ||
| MediaTek MT8791T | ||
| MediaTek MT8797 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the CVE ID of this vulnerability?
The CVE ID of this vulnerability is CVE-2023-20750.
What is the severity of CVE-2023-20750?
The severity of CVE-2023-20750 is medium with a CVSS score of 4.1.
What is the affected software by CVE-2023-20750?
The affected software by CVE-2023-20750 includes Google Android 13.0.
How can this vulnerability be exploited?
This vulnerability can be exploited without user interaction.
Is there a patch available for CVE-2023-20750?
Yes, a patch with Patch ID ALPS07780926 and Issue ID ALPS07780928 is available.
- agent/type
- agent/references
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/source
- agent/weakness
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/google
- canonical/android
- version/android/13.0
- vendor/mediatek
- canonical/mediatek mt6835
- canonical/mediatek mt6886
- canonical/mediatek mt6983
- canonical/mediatek mt6985t
- canonical/mediatek mt8167
- canonical/mediatek mt8167s firmware
- canonical/mediatek mt8168
- canonical/mediatek mt8175 firmware
- canonical/mediatek mt8195z
- canonical/mediatek mt8321
- canonical/mediatek mt8362a firmware
- canonical/mediatek mt8365 firmware
- canonical/mediatek mt8385 firmware
- canonical/mediatek mt8673
- canonical/mediatek mt8765
- canonical/mediatek mt8766z
- canonical/mediatek mt8768
- canonical/mediatek mt8781 wifi
- canonical/mediatek mt8786
- canonical/mediatek mt8788 firmware
- canonical/mediatek mt8791t
- canonical/mediatek mt8797