CVE-2023-32807: Input Validation
First published: Mon Sep 04 2023(Updated: )
In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588360; Issue ID: ALPS07588360.
Credit: security@mediatek.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Yocto Project | =4.0 | |
| MediaTek IoT Yocto | =23.0 | |
| Android | =13.0 | |
| MediaTek MT6779 | ||
| MediaTek MT6781 | ||
| MediaTek MT6785T | ||
| MediaTek M6789 | ||
| MediaTek MT6833 | ||
| MediaTek MT6835 | ||
| MediaTek MT6853 | ||
| MediaTek MT6855 | ||
| MediaTek MT6873 | ||
| MediaTek MT8167 | ||
| MediaTek MT8168 | ||
| MediaTek MT8173 | ||
| MediaTek MT8183 | ||
| MediaTek MT8321 | ||
| MediaTek MT8365 Firmware | ||
| MediaTek MT8385 Firmware | ||
| MediaTek MT8666 | ||
| MediaTek MT8667 | ||
| MediaTek MT8765 | ||
| MediaTek MT8766Z | ||
| MediaTek MT8768 | ||
| MediaTek MT8781 WiFi | ||
| MediaTek MT8786 | ||
| MediaTek MT8788 Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2023-32807.
What is the severity of CVE-2023-32807?
The severity of CVE-2023-32807 is medium with a CVSS score of 4.4.
What software is affected by CVE-2023-32807?
The Linuxfoundation Yocto, Mediatek Iot Yocto, and Google Android software are affected by CVE-2023-32807.
How can CVE-2023-32807 be exploited?
CVE-2023-32807 can be exploited without user interaction and requires local execution privileges.
Is there a patch available for CVE-2023-32807?
Yes, a patch is available. Patch ID: ALPS07588360; Issue ID: ALPS07588360.
- agent/type
- agent/references
- agent/weakness
- agent/severity
- agent/description
- agent/event
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/author
- agent/tags
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/softwarecombine
- vendor/linuxfoundation
- canonical/yocto project
- version/yocto project/4.0
- vendor/mediatek
- canonical/mediatek iot yocto
- version/mediatek iot yocto/23.0
- vendor/google
- canonical/android
- version/android/13.0
- canonical/mediatek mt6779
- canonical/mediatek mt6781
- canonical/mediatek mt6785t
- canonical/mediatek m6789
- canonical/mediatek mt6833
- canonical/mediatek mt6835
- canonical/mediatek mt6853
- canonical/mediatek mt6855
- canonical/mediatek mt6873
- canonical/mediatek mt8167
- canonical/mediatek mt8168
- canonical/mediatek mt8173
- canonical/mediatek mt8183
- canonical/mediatek mt8321
- canonical/mediatek mt8365 firmware
- canonical/mediatek mt8385 firmware
- canonical/mediatek mt8666
- canonical/mediatek mt8667
- canonical/mediatek mt8765
- canonical/mediatek mt8766z
- canonical/mediatek mt8768
- canonical/mediatek mt8781 wifi
- canonical/mediatek mt8786
- canonical/mediatek mt8788 firmware